[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Tue Oct 11 19:04:44 CDT 2016
Index: configs/allen-public-library.client.onenet.net
===================================================================
--- configs/allen-public-library.client.onenet.net (revision 147194)
+++ configs/allen-public-library.client.onenet.net (working copy)
@@ -135,8 +135,8 @@
#ge-0/0/1.0 up down
#ge-0/0/2 up up
#ge-0/0/2.0 up up
-#ge-0/0/3 up up
-#ge-0/0/3.0 up up
+#ge-0/0/3 up down
+#ge-0/0/3.0 up down
#ge-0/0/4 up down
#ge-0/0/4.0 up down
#ge-0/0/5 up up
Index: configs/sti-adva.p.onenet.net
===================================================================
--- configs/sti-adva.p.onenet.net (revision 145815)
+++ configs/sti-adva.p.onenet.net (working copy)
@@ -308,7 +308,7 @@
<part name="MOD-4-11" description="2WCC10G" hw_version="" part_id="2WCC10G" part_num="" serial_number="FA72121300230" slot="MOD-4-11" vendor_id="ADVA">
<part name="PL-4-11-C1" description="XFP-G" hw_version="" part_id="XFP-G" part_num="" serial_number="FA70124901504" slot="PL-4-11-C1" vendor_id="ADVA"></part>
<part name="PL-4-11-C2" description="XFP-G" hw_version="" part_id="XFP-G" part_num="" serial_number="FA70124901505" slot="PL-4-11-C2" vendor_id="ADVA"></part>
- <part name="PL-4-11-NE" description="XFPTLN-D" hw_version="" part_id="XFPTLN-D" part_num="" serial_number="FA94131302456" slot="PL-4-11-NE" vendor_id="ADVA"></part>
+ <part name="PL-4-11-NE" description="XFPTLN-D" hw_version="" part_id="XFPTLN-D" part_num="" serial_number="FA86122100148" slot="PL-4-11-NE" vendor_id="ADVA"></part>
<part name="PL-4-11-NW" description="XFPTLN-D" hw_version="" part_id="XFPTLN-D" part_num="" serial_number="FA70124802915" slot="PL-4-11-NW" vendor_id="ADVA"></part>
<interface name="CH-4-11-C1" abbr_name="CH-4-11-C1" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="CH-4-11-C2" abbr_name="CH-4-11-C2" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
Index: configs/osrhe-chancellor-residence.client.onenet.net
===================================================================
--- configs/osrhe-chancellor-residence.client.onenet.net (revision 146127)
+++ configs/osrhe-chancellor-residence.client.onenet.net (working copy)
@@ -1,14 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CHANCELLOR-JOHNSON-SRX220-004655> show system commit
+# 2016-10-11 18:47:35 CDT by andrew via cli
+# 2016-10-11 18:45:26 CDT by andrew via cli commit confirmed, rollback in 3mins
+# 2016-10-11 18:33:24 CDT by andrew via cli commit confirmed, rollback in 3mins
+# 2016-10-11 18:19:55 CDT by andrew via cli commit confirmed, rollback in 5mins
# 2016-09-02 11:02:17 CDT by admin via cli
# 2015-11-18 22:06:58 CST by admin via cli commit confirmed, rollback in 3mins
-# 2015-09-03 11:52:04 CDT by admin via cli
-# 2015-08-31 13:53:16 CDT by admin via cli
-# 2015-08-31 13:48:58 CDT by root via cli
-# 2015-08-31 13:43:21 CDT by root via other
-# rescue 2015-11-18 22:07:45 CST by admin via cli
-#
# grnoc-mon at CHANCELLOR-JOHNSON-SRX220-004655> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -100,7 +98,7 @@
# grnoc-mon at CHANCELLOR-JOHNSON-SRX220-004655> show system uptime
# System booted: 2015-09-11 10:05 CDT
# Protocols started: 2015-09-11 10:08 CDT
-# Last configured: 2016-09-02 11:02 CDT by admin
+# Last configured: 2016-10-11 18:47 CDT by andrew
#
# grnoc-mon at CHANCELLOR-JOHNSON-SRX220-004655> show interface terse
#Interface Admin Link
@@ -147,11 +145,12 @@
#ppe0 up up
#st0 up up
#st0.0 up up
+#st0.1 up up
#tap up up
#vlan up up
#vlan.4 up up
# grnoc-mon at CHANCELLOR-JOHNSON-SRX220-004655> show configuration
-## Last commit: 2016-09-02 11:02:17 CDT by admin
+## Last commit: 2016-10-11 18:47:35 CDT by andrew
version 12.1X46-D20.5;
system {
host-name CHANCELLOR-JOHNSON-SRX220-004655;
@@ -386,6 +385,10 @@
description "VPN to OneNet";
family inet;
}
+ unit 1 {
+ description "VPN to Regents";
+ family inet;
+ }
}
vlan {
unit 4 {
@@ -420,6 +423,7 @@
route 172.18.4.0/23 next-hop st0.0;
route 164.58.253.0/24 next-hop st0.0;
route 164.58.253.20/32 next-hop 184.186.214.65;
+ route 10.10.247.0/24 next-hop st0.1;
}
}
protocols {
@@ -447,16 +451,37 @@
encryption-algorithm aes-128-cbc;
lifetime-seconds 28800;
}
+ proposal PRE-G20-AES256-SHA384 {
+ authentication-method pre-shared-keys;
+ dh-group group20;
+ authentication-algorithm sha-384;
+ encryption-algorithm aes-256-cbc;
+ lifetime-seconds 28800;
+ }
policy IKE-POLICY-ONENET {
mode main;
proposals PRE-G2-AES128-SHA;
# pre-shared-#key <removed>;
}
+ policy IKE-POLICY-REGENTS {
+ mode main;
+ proposals PRE-G20-AES256-SHA384;
+# pre-shared-#key <removed>;
+ }
gateway IKE-GATE-ONENET {
ike-policy IKE-POLICY-ONENET;
address 164.58.69.122;
external-interface ge-0/0/0.0;
}
+ gateway IKE-GATE-REGENTS {
+ ike-policy IKE-POLICY-REGENTS;
+ address 164.58.63.34;
+ dead-peer-detection {
+ interval 10;
+ threshold 5;
+ }
+ external-interface ge-0/0/0.0;
+ }
}
ipsec {
proposal G2-ESP-AES128-SHA {
@@ -466,9 +491,18 @@
encryption-algorithm aes-128-cbc;
lifetime-seconds 3600;
}
+ proposal ESP-AES256-SHA256 {
+ protocol esp;
+ authentication-algorithm hmac-sha-256-128;
+ encryption-algorithm aes-256-cbc;
+ lifetime-seconds 3600;
+ }
policy VPN-POLICY-ONENET {
proposals G2-ESP-AES128-SHA;
}
+ policy VPN-POLICY-REGENTS {
+ proposals ESP-AES256-SHA256;
+ }
vpn IPSEC-VPN-ONENET {
bind-interface st0.0;
vpn-monitor {
@@ -480,6 +514,17 @@
}
establish-tunnels immediately;
}
+ vpn IPSEC-VPN-REGENTS {
+ bind-interface st0.1;
+ vpn-monitor {
+ optimized;
+ }
+ ike {
+ gateway IKE-GATE-REGENTS;
+ ipsec-policy VPN-POLICY-REGENTS;
+ }
+ establish-tunnels immediately;
+ }
}
alg {
msrpc disable;
@@ -610,6 +655,14 @@
}
}
}
+ st0.1 {
+ host-inbound-traffic {
+ system-services {
+ ping;
+ traceroute;
+ }
+ }
+ }
}
}
}
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 147194)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -674,7 +674,6 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/hub.alt.onenet.net
===================================================================
--- configs/hub.alt.onenet.net (revision 147072)
+++ configs/hub.alt.onenet.net (working copy)
@@ -282,8 +282,8 @@
#t1-2/0/2:5.16 up up
#t1-2/0/2:5.17 up up
#t1-2/0/2:6 down down
-#t1-2/0/2:7 up up
-#t1-2/0/2:7.0 up up
+#t1-2/0/2:7 up down
+#t1-2/0/2:7.0 up down
#t1-2/0/2:8 down down
#t1-2/0/2:9 up up
#t1-2/0/2:9.0 up up
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 147192)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -598,6 +598,7 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
More information about the Nocrancid
mailing list